var crypto = require('crypto');
var User = require('../database/user');      //引入用户信息
var Project = require('../database/project');  //引入活动项目模块
var express = require('express');
var router = express.Router();
var bodyParser = require('body-parser');

/* 进入主页 */
router.get('/', function(req, res) {
    if(!req.session.user){
        return res.redirect('/login');
    }else{
        let role = req.session.user.role;
        let name = req.session.user.name;      
        return res.render('home');
    }
     
});

router.route('/login')
 .post(function(req, res) {
    var md5 = crypto.createHash('md5');
    var password = md5.update(req.body.password).digest('hex');
    console.log(password);
    User.get(req.body.name,function(err,user){ //根据用户名查找数据库
        if(!user){
           return res.send({back:"noUser"})
        };

        if(user.password !== password){
           return res.send({back:"errorPwd"});
        }
        req.session.user = user;   //将该数据库查找结果返回给session
        console.log(req.session)
        return res.send({back:"success",user:user});

    })
 });

router.route('/login')
 .get(function(req, res) {    
        res.render('login', { 
            title: '登录', 
            username:req.session.user
        });  
 });
 
router.route('/register')
 .get(function(req, res) {    
    if(req.session.user){   //如果有req.session.use跳转页面
        res.redirect('/home');
    }else{
        res.render('register', { 
            title: '注册', 
            username:req.session.user
        });
    }   
 })
 //进入注册页面
router.route('/register')   
 .post(function(req,res){   
     console.log(req.body)
     let name = req.body.name;
     var password = req.body.password;
     var md5 = crypto.createHash('md5');   //实例化一个md5加密对象；
     var password = md5.update(req.body.password).digest('hex');   //对密码进行加密处理；
    
     let newUser = new User({   
        name:req.body.name,    
        password: password,
        role: req.body.role,
        orgnization:req.body.orgnization
    });
    
    User.get(newUser.name,function(err,user){ 
        if(err){
            return res.send({back:err})  //查找用户数据时出错
        }
        if(user){
            return res.send({back:"userRegister"}) //用户名已存在
        }

        newUser.save(function(err,user){  
            if(err){
              return res.send({back:err}) //存储用户信息时出错
            };
            req.session.user = user;
            res.send({back:"success"})   //成功
        })
    });
 });

router.post('/getSession', function(req, res) {
     if(req.session.user){   //如果有req.session.use跳转页面
        let user = req.session.user
        res.send({user:user});
     }else{
        res.send({user:null});
     }
 });


router.route('/home/:role/:name').get(function(req, res) {    
    res.render('home');
})

router.route('/securitization/:role/:name/propertyPoleFilter')
 .get(function(req, res) {    
    res.render('home');
})

router.route('/my_product/:role/:name')
 .get(function(req, res) {       
    res.render('home');
 })
//用户权限，限制非登陆状态下的用户无法进入
function authentication(req, res) {
    if (!req.session.user) {
    	req.session.error="please login"
        return res.redirect('/login');
    }
}

router.get('/logout', function(req, res) {
     req.session.user = null;  //清空session
     return res.redirect('/login');
 });

module.exports = router;
